7.5
CVE-2025-3632 - IBM 4769 Developers Toolkit denial of service
IBM 4769 Developers Toolkit 7.0.0 through 7.5.52 could allow a remote attacker to cause a denial of service in the Hardware Security Module (HSM) due to improper memory allocation of an excessive size.
6.3
CVE-2025-46743 - Cross-Site Request Forgery
An authenticated user's token could be used by another source after the user had logged out prior to the token expiring.
4.4
CVE-2025-46750 - Authentication Bypass
SEL BIOS packages prior to 1.3.49152.117 or 2.6.49152.98 allow a local attacker to bypass password authentication and change password-protected BIOS settings by importing a BIOS settings file with no password set.
4.3
CVE-2025-46749 - Improper Neutralization of Input
An authenticated user could submit scripting to fields that lack proper input and output sanitization leading to subsequent client-side script execution.
2.7
CVE-2025-46748 - Unverified Password Change
An authenticated user attempting to change their password could do so without using the current password.
5.7
CVE-2025-46747 - Exposure of Sensitive System Information
An authenticated user without user-management permissions could identify other user accounts.
5.8
CVE-2025-46746 - Error Message Contains Sensitive Information
An administrator could discover another account's credentials.
6.5
CVE-2025-46745 - Improper Privilege Management
An authenticated user without user-management permissions could view other users account information.
2.7
CVE-2025-46744 - Improper Privilege Management
An authenticated administrator could modify the Created By username for a user account
4.3
CVE-2025-46742 - Improper Access Control
Users who were required to change their password could still access system information before changing their password